Solved

ISA, sharepoint and ftp - Forms Based Authentication questions

Posted on 2009-03-30
7
910 Views
Last Modified: 2013-12-04
My company currently has a sharpoint site that is accessed by both internal employees and external clients.  We have created AD accounts for the external people.  We are in the process of setting up and FTP site also that will need the same access.  I am beginning to look into FBA (forms based authentication) so the external users do not need to have accounts created in our active directory.  Would ISA be a good canidate to help me accomplish a cleaner setup of this system?  I am trying to see if this should be an avenue I should look at in order to allow external clients a way to authenticate to our sharepoint and FTP through some central console and allow them access to their info and also allow my internal users a way to securly access these same systems when out of the office?

Thanks for any help.
0
Comment
Question by:martin2478
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24021197
Maybe and maybe not. ISA is a great tool but you sound as though you are moving to the next level here. Have a look at the IAG Server - ISA's sister product in the Forefront: Edge portfolio.

http://www.microsoft.com/forefront/en/us/default.aspx
0
 

Author Comment

by:martin2478
ID: 24021634
Thanks for the response.  I will look more into IAG but it was the forms based authentication that is mentioned in ISA that I am interested in.  Right now I have sharepoint , ftp , and web outlook setup for remote use.  I am really looking for a clean way to authenticate people outside of our company and tie that into them being able to access our ftp and sharepoint sites with the same usernames and passwords without me having to create the accounts in my active directory.

I amy be looking at the wrong app but any more tips would be great.

0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24022807
Understood. But ISA is not a repository. Where are you going to store the account details of external users - I assume an internal SQL server or something?

We used a separate AD in the DMZ and then used identity Lifecycle Manager (ILS) to do all of this with IAG on the outside and ISA on the inside. Have you reviewed the creating the extranet for Sharepoint guides?

That said, if you simply want a control point then yes, ISA will do it.
0
MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

 

Author Comment

by:martin2478
ID: 24023182
Thanks for the info.  I was planning on using SQL to house external user accounts.

Your setup seems like a secure setup and will have to look into something like that more.

I have not read the extranet for sharepoint guides, I believe I should start there before continuing the conversation to get a better grasp.  But before into reading does this mentality make any sense to you.

Have internal users have AD accounts.  External users use an FBA tied into a SQL database.  Use ISA as a portal for external users to authenticate with and then from there they will have access to our sharepoint and ftp site?

Thanks again for all of your help.  The fog seems to be clearing finally in my head.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 500 total points
ID: 24023254
your approach is fine - and often adopted. The part where many go wrong is to NOT think about where it might go in the future. For example, if you decide to open up the portal/self-service aspects then are you going to want to have to administrate all of that? the authentication? The authorisation? Small things in the early days but it can grow as the benefits are identified and you want to realise them.

Anyway, this is a useful place to start. For reference we use the split model.
With ISA2006
http://technet.microsoft.com/en-us/library/cc268368.aspx

Extranet
http://technet.microsoft.com/en-us/library/cc263513.aspx#section3
0
 

Author Closing Comment

by:martin2478
ID: 31564323
Thanks for all of your help.  This has me heading in the right direction now.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 24043126
Thanks :)
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question